Botan 1.7.17 (Development branch)

10-12-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Botan 1.7.17 (Development branch)

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. License: BSD License (revised) Changes:
This release of Botan fixes all known bugs in the new implementation of the ECDSA and ECDH public key algorithms. Support for DLL builds was slightly improved.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

certtool(1) General Commands Manual certtool(1) NAME
certtool - Manipulate certificates and keys. SYNOPSIS
certtool [options] DESCRIPTION
Generate X.509 certificates, certificate requests, and private keys. OPTIONS
Program control options -d, --debug LEVEL Specify the debug level. Default is 1. -h, --help Shows this help text -v, --version Shows the program's version Getting information on X.509 certificates -i, --certificate-info Print information on a certificate. -k, --key-info Print information on a private key. -l, --crl-info Print information on a CRL. --p12-info Print information on a PKCS #12 structure. Getting information on Openpgp certificates --pgp--certificate-info Print information on an OpenPGP certificate. --pgp--key-info Print information on an OpenPGP private key. --pgp--ring-info Print information on a keyring. Generating/verifying X.509 certificates/keys -c, --generate-certificate Generate a signed certificate. -e, --verify-chain Verify a PEM encoded certificate chain. The last certificate in the chain must be a self signed one. --generate-dh-params Generate PKCS #3 encoded Diffie-Hellman parameters. --load-ca-certificate FILE Certificate authority's certificate file to use. --load-ca-privkey FILE Certificate authority's private key file or PKCS #11 URL to use. --load-certificate FILE Certificate file to use. --load-privkey FILE Private key file or PKCS #11 URL to use. --load-pubkey FILE Public key file or PKCS #11 URL to use. --load-request FILE Certificate request file to use. -p, --generate-privkey Generate a private key. -q, --generate-request Generate a PKCS #10 certificate request. -s, --generate-self-signed Generate a self-signed certificate. -u, --update-certificate Update a signed certificate. Controlling output -8, --pkcs8 Use PKCS #8 format for private keys. --pkcs-cipher The cipher to use when doing pkcs encryption. Valid options are 3des,aes-128,aes-192,aes-256,rc2-40 --dsa Generate a DSA key. --bits BITS Specify the number of bits for key generation. --export-ciphers Use weak encryption algorithms. --inraw Use RAW/DER format for input certificates and private keys. --infile FILE Input file. --outraw Use RAW/DER format for output certificates and private keys. --outfile FILE Output file. --password PASSWORD Password to use. --to-p12 Generate a PKCS #12 structure. --template Use a template file to read input. See the doc/certtool.cfg in the distribution, for an example. --fix-key Some previous versions of certtool generated wrongly the optional parameters in a private key. This may affect programs that used them. To fix an old private key use --key-info in combination with this parameter. --v1 When generating a certificate use the X.509 version 1 format. This does not add any extensions (such as indication for a CA) but some programs do need these. EXAMPLES
To create a private key, run: $ certtool --generate-privkey --outfile key.pem To create a certificate request (needed when the certificate is issued by another party), run: $ certtool --generate-request --load-privkey key.pem --outfile request.pem To create a certificate request using a key stored in a PKCS #11 token, run: $ ./certtool --generate-request --load-privkey "pkcs11:..." --load-pubkey "pkcs11:..." --outfile request.pem To generate a certificate using the previous request, use the command: $ certtool --generate-certificate --load-request request.pem --outfile cert.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem To generate a certificate using the private key only, use the command: $ certtool --generate-certificate --load-privkey key.pem --outfile cert.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem To view the certificate information, use: $ certtool --certificate-info --infile cert.pem To generate a PKCS #12 structure using the previous key and certificate, use the command: $ certtool --load-certificate cert.pem --load-privkey key.pem --to-p12 --outder --outfile key.p12 AUTHOR
Nikos Mavrogiannopoulos <nmav@gnutls.org> and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list. This manual page was written by Ivo Timmermans <ivo@debian.org>, for the Debian GNU/Linux system (but may be used by others). May 23rd 2005 certtool(1)

Software Releases - RSS News

Botan 1.7.17 (Development branch)

LEARN ABOUT DEBIAN

certtool